summaryrefslogtreecommitdiff
path: root/worker/Dockerfile
blob: 71e2ecf2bdeaeeaf7a504d8672922bd76acaccca (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43

# -- <worker_dependencies> --
FROM debian:stable-slim AS worker_dependencies

ARG BITWARDEN_VERSION=2025.4.0
RUN apt-get update && apt-get install -yqq unzip curl

RUN curl -L -o /bw-linux.zip "https://github.com/bitwarden/clients/releases/download/cli-v${BITWARDEN_VERSION}/bw-linux-${BITWARDEN_VERSION}.zip"
RUN unzip /bw-linux.zip -d / \
    && chmod +x /bw
# -- </worker_dependencies> --

# -- <ci_worker> --
FROM oci.liz.coffee/emprespresso/ci_base:release AS worker

RUN apt-get update && apt-get install -yqq git jq

ENV PIPELINE_PATH=/app/worker/dist/scripts
RUN chmod +x /app/worker/dist/scripts/*

RUN mkdir -p /var/lib/laminar/cfg
RUN cp -r /app/worker/jobs /var/lib/laminar/cfg
# see: https://github.com/nodejs/docker-node/blame/89b29ef06b421598ec007605a2604ede0348b298/22/bullseye-slim/Dockerfile#L3-L4
RUN chown -R node:node /var/lib/laminar

RUN curl -fsSL https://get.docker.com | sh

# adding a user to only the group"docker" doesn't deterministically give it access to the
# docker socket of the host.
# e.g. host has /etc/groups: docker:995, container has /etc/groups: docker:996
# because i'm likely the only one to ever touch this, and i FORCE "docker" to be 996, this will
# be hardcoded defaulting to 995.
ARG DOCKER_GID="995" # but it may be overridden via this `DOCKER_GID` build arg.
RUN groupmod -g ${DOCKER_GID} docker
RUN usermod -a -d /var/lib/laminar -G docker  node

COPY --from=worker_dependencies /bw /usr/local/bin/

USER node
WORKDIR /var/lib/laminar
EXPOSE 8080

CMD [ "/usr/sbin/laminard" ]
# -- </ci_worker> --
generated by cgit v1.2.3-70-g09d2 (git 2.46.0) at 2025-09-20 22:41:50 +0000